The SOC Analyst (L1/L2) is responsible for continuous monitoring, detection, analysis, and response to cybersecurity threats across enterprise environments. The role supports 24x7 SOC operations, performing real‑time security event monitoring, incident triage, investigation, escalation, and remediation in accordance with established runbooks, SLAs, and client requirements.
Key Responsibilities
Monitor and analyze security alerts from SIEM, SOAR, EDR, and other security tools to identify potential threats.
Perform timely triage, validation, and investigation of alerts in accordance with SLA and prioritization matrix (P1–P4).
Execute approved containment, response, and remediation actions using defined SOC runbooks.
Manage incidents through the full case lifecycle, ensuring accurate documentation, status updates, and closure in the case management system.
Follow standard case handling processes, including case stage/status flow and QA validation requirements.
Monitor SOC communication channels (e.g., mailbox, SOAR) and ensure timely response to inquiries, escalations, and stakeholder coordination.
Escalate high-severity or complex incidents in line with SLAs, including immediate notification for potential P1/P2 cases.
Ensure SLA compliance and resolution, including coordination with internal and external stakeholders.
Perform shift-based operations, including effective handover of active and critical cases with complete context.
Identify and report operational issues, anomalies, or delays within the same shift to relevant leads.
Support continuous improvement by supporting in identifying gaps in detection, logging, automation, and case handling processes.
Technical Skills
Strong understanding of cybersecurity fundamentals, including threat types, attack vectors, the CIA triad, and awareness of frameworks such as MITRE ATT&CK for threat identification.
Working knowledge of operating systems (Windows, Linux/Unix) and networking concepts (TCP/IP, OSI model, DNS, HTTP/S).
Experience or familiarity with SIEM/SOAR platforms, endpoint protection, firewalls, and security monitoring tools.
Ability to analyze logs, network traffic, and endpoint telemetry to identify malicious activity.
Exposure to cloud security concepts (Azure, AWS, or GCP) is an advantage.
Familiarity with the MITRE ATT&CK framework for threat identification is an advantage.
Bachelor’s degree in computer science, Information Security, Information Technology, or a related field.
1–3 years of experience in Security Operations, IT security, or a related role.
Basic understanding of cybersecurity concepts, threats, and attack methodologies.
Hands-on exposure or academic experience with SIEM, SOAR, EDR, or security monitoring tools is an advantage.
Familiarity with incident handling, alert triage, and case management processes.
Strong analytical and problem-solving skills with attention to detail.
Good written and verbal communication skills for documentation and handover reporting.
Relevant certifications – e.g., Security+, SC-200, CEH (Associate level) – are an advantage but not mandatory.
About Accenture
Accenture is a leading global professional services company that helps the world’s leading businesses, governments and other organizations build their digital core, optimize their operations, accelerate revenue growth and enhance citizen services—creating tangible value at speed and scale. We are a talent- and innovation-led company with approximately 791,000 people serving clients in more than 120 countries. Technology is at the core of change today, and we are one of the world’s leaders in helping drive that change, with strong ecosystem relationships. We combine our strength in technology and leadership in cloud, data and AI with unmatched industry experience, functional expertise and global delivery capability. Our broad range of services, solutions and assets across Strategy & Consulting, Technology, Operations, Industry X and Song, together with our culture of shared success and commitment to creating 360° value, enable us to help our clients reinvent and build trusted, lasting relationships. We measure our success by the 360° value we create for our clients, each other, our shareholders, partners and communities.Visit us at www.accenture.com
Equal Employment Opportunity Statement
We believe that no one should be discriminated against because of their differences. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, military veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by applicable law. Our rich diversity makes us more innovative, more competitive, and more creative, which helps us better serve our clients and our communities.